Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virustotal yara vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-11328
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Virustotal Yara 3.6.1
Virustotal Yara 3.6.2
Virustotal Yara 3.6.3
Virustotal Yara 3.0.0
Virustotal Yara 3.3.0
Virustotal Yara 3.5.0
Virustotal Yara 3.4.0
Virustotal Yara 3.6.0
Virustotal Yara 3.1.0
Virustotal Yara 3.2.0
4.3
CVSSv2
CVE-2021-45429
A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.
Virustotal Yara
6.8
CVSSv2
CVE-2018-12034
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
6.8
CVSSv2
CVE-2018-12035
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
5
CVSSv2
CVE-2017-8294
libyara/re.c in the regex component in YARA 3.5.0 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
Virustotal Yara 3.5.0
5
CVSSv2
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
Virustotal Yara 3.5.0
5
CVSSv2
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
Virustotal Yara 3.5.0
5.8
CVSSv2
CVE-2017-9465
The yr_arena_write_data function in YARA 3.6.1 allows remote malicious users to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/...
Virustotal Yara 3.6.1
5
CVSSv2
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
Virustotal Yara 3.5.0
5
CVSSv2
CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.
Virustotal Yara 3.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »